Cyber Security Analyst

The Denzel Group, an award-winning IT recruitment firm has been requested to assist a leading healthcare organization in their search for a Cyber Security/Vulnerability Analyst.

Full Time/FTE position

Hybrid - 2 days onsite in either Philadelphia OR Allentown, PA (whichever is closer to the candidate)

Salary Range: $90 to $100k + benefits/PTO/401K

Perm Residents Only - US Citizens or GC holders are only being considered at this time

RAPID7 InsightVM and MS DEFENDER experience is a MUST

Vulnerability Security Analyst

The Vulnerability Security Analyst is responsible for comprehensive vulnerability management, encompassing administration, maintenance, operational incident management, and change management. This role focuses on the identification, remediation, and reporting of vulnerabilities to ensure the security and integrity of the organizations systems and data.

Responsibilities:

Health Monitoring and Maintenance:

Monitor health, scan schedules, and maintenance of in-scope tools.

Perform cleanup and purge activities in the vulnerability scanning tool to remove decommissioned servers.

Review scan policies and templates, fine-tuning them to reduce false positives

Create policy compliance scan templates for operating systems as needed.

Maintain accuracy of vulnerability data ingested into the vulnerability risk management and scoring platform.

Monitor license expiry for instances of in-scope tools.

Monitor and renew certificates for in-scope tools.

Product Upgrades and Issue Resolution:

Analyze, report, and coordinate product upgrades/security patches.

Troubleshoot product-related defects and issues.

Resolve service requests assigned to the team.

Participate in daily Threat Intel Calls.

Vulnerability Identification and Analysis:

Perform scheduled and ad-hoc scans for in-scope assets.

Conduct discovery scans across the network to identify new servers that escaped the server build process.

Troubleshoot and resolve issues encountered during scans (e.g., failed authentication, insufficient privileges).

Perform issue triaging and remove false positives.

Ingest vulnerability scan data into the vulnerability risk management and scoring platform to risk rank vulnerabilities.

Track and report vulnerabilities and exceptions.

Qualifications and Skills:

Technical Proficiency:

Strong knowledge of Information Security and Network Security technologies.

Proficiency with vulnerability scanning tools (e.g., Rapid7 InsightVM).

Experience with cloud security platforms (e.g., Wiz, MS Defender CSPM).

Familiarity with ARMIS, PowerBI and SIEM platforms

Analytical Abilities:

Excellent analytical and problem-solving skills to identify and mitigate security threats.

Ability to perform detailed vulnerability assessments and analysis of penetration tests.

Strong troubleshooting skills for resolving scan-related issues.

Communication Skills:

Effective communication skills for reporting and coordinating with other teams.

Ability to document incidents, policies and procedures, and create comprehensive reports.

Certifications:

Relevant certifications such as CISSP, CEH, CompTIA Security+, or equivalent.

Continuous learning and staying updated on the latest cybersecurity trends and technologies.

Experience:

3-5 years of experience in an information security function, in a high paced environment, ability to multi-task, a keen eye for detail, strong organizational skills, the ability to thrive in fast-paced, high-stress situations, and ability to communicate cyber security issues to peers and management.

3+ years solid understanding of Cyber Security & IT controls, network / systems / application penetration testing and vulnerability assessments. Experience with NIST and ISO frameworks. Solid knowledge of HIPAA, HITECH, and other IT security governing bodies.